yawast 0.2.0.beta1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +21 -0
  3. data/.ruby-version +1 -0
  4. data/.travis.yml +7 -0
  5. data/README.md +454 -0
  6. data/Rakefile +9 -0
  7. data/bin/yawast +69 -0
  8. data/lib/commands/cms.rb +10 -0
  9. data/lib/commands/head.rb +12 -0
  10. data/lib/commands/scan.rb +11 -0
  11. data/lib/commands/ssl.rb +11 -0
  12. data/lib/commands/utils.rb +36 -0
  13. data/lib/resources/common.txt +1960 -0
  14. data/lib/scanner/apache.rb +72 -0
  15. data/lib/scanner/cms.rb +14 -0
  16. data/lib/scanner/core.rb +95 -0
  17. data/lib/scanner/generic.rb +323 -0
  18. data/lib/scanner/iis.rb +63 -0
  19. data/lib/scanner/nginx.rb +13 -0
  20. data/lib/scanner/obj_presence.rb +63 -0
  21. data/lib/scanner/php.rb +19 -0
  22. data/lib/scanner/ssl.rb +237 -0
  23. data/lib/scanner/ssl_labs.rb +491 -0
  24. data/lib/shared/http.rb +67 -0
  25. data/lib/string_ext.rb +16 -0
  26. data/lib/uri_ext.rb +5 -0
  27. data/lib/util.rb +25 -0
  28. data/lib/yawast.rb +57 -0
  29. data/test/base.rb +43 -0
  30. data/test/data/apache_server_info.txt +486 -0
  31. data/test/data/apache_server_status.txt +184 -0
  32. data/test/data/cms_none_body.txt +242 -0
  33. data/test/data/cms_wordpress_body.txt +467 -0
  34. data/test/data/iis_server_header.txt +13 -0
  35. data/test/data/tomcat_release_notes.txt +172 -0
  36. data/test/data/wordpress_readme_html.txt +86 -0
  37. data/test/test_cmd_util.rb +35 -0
  38. data/test/test_helper.rb +5 -0
  39. data/test/test_object_presence.rb +36 -0
  40. data/test/test_scan_apache_banner.rb +58 -0
  41. data/test/test_scan_apache_server_info.rb +22 -0
  42. data/test/test_scan_apache_server_status.rb +22 -0
  43. data/test/test_scan_cms.rb +27 -0
  44. data/test/test_scan_iis_headers.rb +40 -0
  45. data/test/test_scan_nginx_banner.rb +18 -0
  46. data/test/test_shared_http.rb +40 -0
  47. data/test/test_shared_util.rb +44 -0
  48. data/test/test_string_ext.rb +15 -0
  49. data/test/test_yawast.rb +17 -0
  50. data/yawast.gemspec +35 -0
  51. metadata +283 -0
data/yawast.gemspec ADDED
@@ -0,0 +1,35 @@
1
+ $:.push File.expand_path("../lib", __FILE__)
2
+ require File.expand_path("../lib/yawast", __FILE__)
3
+
4
+ Gem::Specification.new do |s|
5
+ s.name = 'yawast'
6
+ s.version = Yawast::VERSION
7
+ s.platform = Gem::Platform::RUBY
8
+ s.summary = "The YAWAST Antecedent Web Application Security Toolkit"
9
+ s.description = "YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors."
10
+ s.authors = ["Adam Caudill"]
11
+ s.email = 'adam@adamcaudill.com'
12
+ s.homepage = 'https://github.com/adamcaudill/yawast'
13
+ s.license = 'MIT'
14
+ s.rubyforge_project = "yawast"
15
+
16
+ s.add_runtime_dependency 'ssllabs', '~> 1.11'
17
+ s.add_runtime_dependency 'commander', '~> 4.4'
18
+ s.add_runtime_dependency 'highline', '~> 1.7'
19
+ s.add_runtime_dependency 'openssl-extensions', '~> 1.2'
20
+ s.add_runtime_dependency 'colorize', '~> 0.8'
21
+ s.add_runtime_dependency 'ipaddr_extensions', '~> 1.0'
22
+
23
+ s.add_development_dependency 'rake', '~> 0'
24
+ s.add_development_dependency 'minitest', '~> 0'
25
+ s.add_development_dependency 'minitest-reporters', '~> 0'
26
+ s.add_development_dependency 'simplecov', '~> 0'
27
+ s.add_development_dependency 'coveralls', '~> 0'
28
+ s.add_development_dependency 'webrick', '~> 0'
29
+
30
+ s.bindir = 'bin'
31
+ s.files = `git ls-files`.split("\n")
32
+ s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
33
+ s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
34
+ s.require_path = ["lib"]
35
+ end
metadata ADDED
@@ -0,0 +1,283 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: yawast
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.2.0.beta1
5
+ platform: ruby
6
+ authors:
7
+ - Adam Caudill
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2016-09-03 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: ssllabs
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.11'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1.11'
27
+ - !ruby/object:Gem::Dependency
28
+ name: commander
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '4.4'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '4.4'
41
+ - !ruby/object:Gem::Dependency
42
+ name: highline
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '1.7'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '1.7'
55
+ - !ruby/object:Gem::Dependency
56
+ name: openssl-extensions
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '1.2'
62
+ type: :runtime
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '1.2'
69
+ - !ruby/object:Gem::Dependency
70
+ name: colorize
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '0.8'
76
+ type: :runtime
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '0.8'
83
+ - !ruby/object:Gem::Dependency
84
+ name: ipaddr_extensions
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '1.0'
90
+ type: :runtime
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '1.0'
97
+ - !ruby/object:Gem::Dependency
98
+ name: rake
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - "~>"
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - "~>"
109
+ - !ruby/object:Gem::Version
110
+ version: '0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: minitest
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - "~>"
123
+ - !ruby/object:Gem::Version
124
+ version: '0'
125
+ - !ruby/object:Gem::Dependency
126
+ name: minitest-reporters
127
+ requirement: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - "~>"
130
+ - !ruby/object:Gem::Version
131
+ version: '0'
132
+ type: :development
133
+ prerelease: false
134
+ version_requirements: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - "~>"
137
+ - !ruby/object:Gem::Version
138
+ version: '0'
139
+ - !ruby/object:Gem::Dependency
140
+ name: simplecov
141
+ requirement: !ruby/object:Gem::Requirement
142
+ requirements:
143
+ - - "~>"
144
+ - !ruby/object:Gem::Version
145
+ version: '0'
146
+ type: :development
147
+ prerelease: false
148
+ version_requirements: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - "~>"
151
+ - !ruby/object:Gem::Version
152
+ version: '0'
153
+ - !ruby/object:Gem::Dependency
154
+ name: coveralls
155
+ requirement: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - "~>"
158
+ - !ruby/object:Gem::Version
159
+ version: '0'
160
+ type: :development
161
+ prerelease: false
162
+ version_requirements: !ruby/object:Gem::Requirement
163
+ requirements:
164
+ - - "~>"
165
+ - !ruby/object:Gem::Version
166
+ version: '0'
167
+ - !ruby/object:Gem::Dependency
168
+ name: webrick
169
+ requirement: !ruby/object:Gem::Requirement
170
+ requirements:
171
+ - - "~>"
172
+ - !ruby/object:Gem::Version
173
+ version: '0'
174
+ type: :development
175
+ prerelease: false
176
+ version_requirements: !ruby/object:Gem::Requirement
177
+ requirements:
178
+ - - "~>"
179
+ - !ruby/object:Gem::Version
180
+ version: '0'
181
+ description: YAWAST is an application meant to simplify initial analysis and information
182
+ gathering for penetration testers and security auditors.
183
+ email: adam@adamcaudill.com
184
+ executables:
185
+ - yawast
186
+ extensions: []
187
+ extra_rdoc_files: []
188
+ files:
189
+ - ".gitignore"
190
+ - ".ruby-version"
191
+ - ".travis.yml"
192
+ - README.md
193
+ - Rakefile
194
+ - bin/yawast
195
+ - lib/commands/cms.rb
196
+ - lib/commands/head.rb
197
+ - lib/commands/scan.rb
198
+ - lib/commands/ssl.rb
199
+ - lib/commands/utils.rb
200
+ - lib/resources/common.txt
201
+ - lib/scanner/apache.rb
202
+ - lib/scanner/cms.rb
203
+ - lib/scanner/core.rb
204
+ - lib/scanner/generic.rb
205
+ - lib/scanner/iis.rb
206
+ - lib/scanner/nginx.rb
207
+ - lib/scanner/obj_presence.rb
208
+ - lib/scanner/php.rb
209
+ - lib/scanner/ssl.rb
210
+ - lib/scanner/ssl_labs.rb
211
+ - lib/shared/http.rb
212
+ - lib/string_ext.rb
213
+ - lib/uri_ext.rb
214
+ - lib/util.rb
215
+ - lib/yawast.rb
216
+ - test/base.rb
217
+ - test/data/apache_server_info.txt
218
+ - test/data/apache_server_status.txt
219
+ - test/data/cms_none_body.txt
220
+ - test/data/cms_wordpress_body.txt
221
+ - test/data/iis_server_header.txt
222
+ - test/data/tomcat_release_notes.txt
223
+ - test/data/wordpress_readme_html.txt
224
+ - test/test_cmd_util.rb
225
+ - test/test_helper.rb
226
+ - test/test_object_presence.rb
227
+ - test/test_scan_apache_banner.rb
228
+ - test/test_scan_apache_server_info.rb
229
+ - test/test_scan_apache_server_status.rb
230
+ - test/test_scan_cms.rb
231
+ - test/test_scan_iis_headers.rb
232
+ - test/test_scan_nginx_banner.rb
233
+ - test/test_shared_http.rb
234
+ - test/test_shared_util.rb
235
+ - test/test_string_ext.rb
236
+ - test/test_yawast.rb
237
+ - yawast.gemspec
238
+ homepage: https://github.com/adamcaudill/yawast
239
+ licenses:
240
+ - MIT
241
+ metadata: {}
242
+ post_install_message:
243
+ rdoc_options: []
244
+ require_paths:
245
+ - lib
246
+ required_ruby_version: !ruby/object:Gem::Requirement
247
+ requirements:
248
+ - - ">="
249
+ - !ruby/object:Gem::Version
250
+ version: '0'
251
+ required_rubygems_version: !ruby/object:Gem::Requirement
252
+ requirements:
253
+ - - ">"
254
+ - !ruby/object:Gem::Version
255
+ version: 1.3.1
256
+ requirements: []
257
+ rubyforge_project: yawast
258
+ rubygems_version: 2.6.6
259
+ signing_key:
260
+ specification_version: 4
261
+ summary: The YAWAST Antecedent Web Application Security Toolkit
262
+ test_files:
263
+ - test/base.rb
264
+ - test/data/apache_server_info.txt
265
+ - test/data/apache_server_status.txt
266
+ - test/data/cms_none_body.txt
267
+ - test/data/cms_wordpress_body.txt
268
+ - test/data/iis_server_header.txt
269
+ - test/data/tomcat_release_notes.txt
270
+ - test/data/wordpress_readme_html.txt
271
+ - test/test_cmd_util.rb
272
+ - test/test_helper.rb
273
+ - test/test_object_presence.rb
274
+ - test/test_scan_apache_banner.rb
275
+ - test/test_scan_apache_server_info.rb
276
+ - test/test_scan_apache_server_status.rb
277
+ - test/test_scan_cms.rb
278
+ - test/test_scan_iis_headers.rb
279
+ - test/test_scan_nginx_banner.rb
280
+ - test/test_shared_http.rb
281
+ - test/test_shared_util.rb
282
+ - test/test_string_ext.rb
283
+ - test/test_yawast.rb